CVE-2003-0160

Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail before 1.2.11 allow remote attackers to inject arbitrary HTML code and steal information from a client's web browser.

Published: Apr 2, 2003
Updated: Apr 13, 2023
CVE: CVE-2003-0160
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5.8
AV:N/AC:M/Au:N/C:P/I:P/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
squirrelmail / squirrelmail	-	1.2.11.x

http://sourceforge.net/mailarchive/forum.php?thread_id=1641953&forum_id=1988
http://www.redhat.com/support/errata/RHSA-2003-112.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A614

Vulnerability Database

289,697

CVE-2003-0160